Training Linux Administration Material

8/6/2019 Training Linux Administration Material

1/135

No.3,IIFloor,100FeetRingRoadBTMLayoutIIStageBangalore560076.Website:www.proximo.in

LinuxAdministration 1

The Linux System Administrator's

Table of Contents

Chapter 1. IntroductionChapter 2. Overview of a Linux SystemChapter 3. Overview of the Directory TreeChapter 4. Hardware, Devices, and ToolsChapter 5. Using Disks and Other Storage MediaChapter 6. Memory ManagementChapter 7. System MonitoringChapter 8. Boots And ShutdownsChapter 9. initChapter 10. Logging In And OutChapter 11. Managing user accountsChapter 12. Backups

Chapter 13. Task AutomationChapter 14. Keeping TimeChapter 15. System LogsChapter 16. System UpdatesChapter 17. The Linux Kernel SourceChapter 18. Finding Help


2/135



Chapter 1. Introduction

"In the beginning, the file was without form, and void; and emptiness was upon theface the bits. And the Fingers of the Author moved upon the face of the keyboard. A

nd the Author said, Let there be words, and there were words."

The Linux System Administrator's Guide, describes the system administration aspects ofusing Linux. It isintended for people who know next to nothing about system administration (those saying``what is it?''), butwho have already mastered at least the basics of normal usage. This manual doesn't tellyou how to installLinux; that is described in the Installation and Getting Started document. See below formore information about Linux manuals.

System administration covers all the things that you have to do to keep a computer system in usable order. Itincludes things like backing up files (and restoring them if necessary), installing new programs, creatingaccounts for users (and deleting them when no longer needed), making certain that the filesystem is notcorrupted, and so on. If a computer were, say, a house, system administration would be called maintenance,and would include cleaning, fixing broken windows, and other such things.

The structure of this manual is such that many of the chapters should be usable independently, so if you needinformation about backups, for example, you can read just that chapter. However, this manual is first and foremost a tutorial and can be read sequentially or as a whole.

This manual is not intended to be used completely independently. Plenty of the rest of the Linuxdocumentation is also important for system administrators. After all, a system administrator is just a user withspecial privileges and duties. Very useful resources are the manual pages, which should always be consultedwhen you are not familiar with a command. If you do not know which command you need,then the apropos command can be used. Consult its manual page for more details.

While this manual is targeted at Linux, a general principle has been that it should be usefulwith other UNIXbased operating systems as well. Unfortunately, since there is so much variance between different versions ofUNIX in general, and in system administration in particular, there is little hope to cover allvariants. Evencovering all possibilities for Linux is difficult, due to the nature of its development.


3/135



There is no one official Linux distribution, so different people have different setups and many people have asetup they have built up themselves. This book is not targeted at any one distribution. Distributions can and dovary considerably. When possible, differences have been noted and alternatives given. For alist ofdistributions and some of their differences see http://en.wikipedia.org/wiki/Comparison_of_Linux_distributions.

In trying to describe how things work, rather than just listing ``five easy steps'' for each task, there is muchinformation here that is not necessary for everyone, but those parts are marked as such and can be skipped ifyou use a preconfigured system. Reading everything will, naturally, increase your understanding of the system and should make using and administering it more productive.

Understanding is the key to success with Linux. This book could just provide recipes, but w

hat would you dowhen confronted by a problem this book had no recipe for? If the book can provide understanding, then recipes are not required. The answers will be self evident.

Chapter 1. IntroductionLike all other Linux related development, the work to write this manual was done on a volunteer basis: I did itbecause I thought it might be fun and because I felt it should be done. However, like all volunteer work, there

is a limit to how much time, knowledge and experience people have. This means that the manual is notnecessarily as good as it would be if a wizard had been paid handsomely to write it and hadspent millennia to perfect it. Be warned.

One particular point where corners have been cut is that many things that are already well documented inother freely available manuals are not always covered here. This applies especially to program specificdocumentation, such as all the details of using mkfs. Only the purpose of the program andas much of itsusage as is necessary for the purposes of this manual is described. For further information,

consult these othermanuals. Usually, all of the referred to documentation is part of the full Linux documentation set.

1.1. Linux or GNU/Linux, that is the question.

Many people feel that Linux should really be called GNU/Linux. This is because Linux is onlythe kernel, not


4/135



the applications that run on it. Most of the basic command line utilities were written by the Free SoftwareFoundation while developing their GNU operating system. Among those utilities are some ofthe most basic commands like cp, mv lsof, and dd.

In a nutshell, what happened was, the FSF started developing GNU by writing things like compliers, Clibraries, and basic command line utilities before the kernel. Linus Torvalds, started Linux by writing the Linux kernel first and using applications written for GNU.

I do not feel that this is the proper forum to debate what name people should use when referring to Linux. Imention it here, because I feel it is important to understand the relationship between GNU and Linux, and toalso explain why some Linux is sometimes referred to as GNU/Linux. The document will be simply referring to it as Linux.

GNU's side of the issue is discussed on their website:

The relationship http://www.gnu.org/gnu/linuxandgnu.html

Why Linux should be GNU/Linux http://www.gnu.org/gnu/whygnulinux.html

GNU/Linux FAQ's http://www.gnu.org/gnu/gnulinuxfaq.html

Here are some Alternate views: http://librenix.com/?inode=2312

http://www.topology.org/linux/lingl.html http://atulchitnis.net/writings/gnulinux.php

1.2. Trademarks

Microsoft, Windows, Windows NT, Windows 2000, and Windows XP are trademarks and/or registered trademarks of Microsoft Corporation.

Chapter 1. Introduction

Red Hat is a trademark of Red Hat, Inc., in the United States and other countries.

SuSE is a trademark of Novell.

Linux is a registered trademark of Linus Torvalds.

UNIX is a registered trademark in the United States and other countries, licensed exclusivel

y through X/Open


5/135



Company Ltd.

GNU is a registered trademark of the Free Software Foundation.

Other product names mentioned herein may be trademarks and/or registered trademarks

of their respective

companies.

Chapter 2. Overview of a Linux System

"God saw everything that he had made, and saw that it was very good. " Bible King James Version. Genesis 1:31

This chapter gives an overview of a Linux system. First, the major services provided by theoperating systemare described. Then, the programs that implement these services are described with a considerable lack ofdetail. The purpose of this chapter is to give an understanding of the system as a whole, sothat each part is described in detail elsewhere.

2.1. Various parts of an operating system

UNIX and 'UNIXlike' operating systems (such as Linux) consist of a kerneland some system programs.There are also some application programs for doing work. The kernel is the heart of the operating system. Infact, it is often mistakenly considered to be the operating system itself, but it is not. An operating system provides provides many more services than a plain kernel.

It keeps track of files on the disk, starts programs and runs them concurrently, assigns memory and other

resources to various processes, receives packets from and sends packets to the network, and so on. The kerneldoes very little by itself, but it provides tools with which all services can be built. It also prevents anyone fromaccessing the hardware directly, forcing everyone to use the tools it provides. This way thekernel providessome protection for users from each other. The tools provided by the kernel are used via system calls. See manual page section 2 for more information on these.


6/135



The system programs use the tools provided by the kernel to implement the various services required from anoperating system. System programs, and all other programs, run `on top of the kernel', inwhat is called theuser mode. The difference between system and application programs is one of intent: applications are intendedfor getting useful things done (or for playing, if it happens to be a game), whereas system programs areneeded to get the system working. A word processor is an application; mount is a system program. Thedifference is often somewhat blurry, however, and is important only to compulsive categorizers.

An operating system can also contain compilers and their corresponding libraries (GCC andthe C library in

particular under Linux), although not all programming languages need be part of the operating system.Documentation, and sometimes even games, can also be part of it. Traditionally, the operating system hasbeen defined by the contents of the installation tape or disks; with Linux it is not as clear since it is spread all over the FTP sites of the world.

2.2. Important parts of the kernel

The Linux kernel consists of several important parts: process management, memory management, hardwaredevice drivers, filesystem drivers, network management, and various other bits and pieces.Figure 21 showssome of them.

Figure 21. Some of the more important parts of the Linux kernel



7/135



Probably the most important parts of the kernel (nothing else works without them) are memory managementand process management. Memory management takes care of assigning memory areas and swap space areasto processes, parts of the kernel, and for the buffer cache. Process management creates p

rocesses, and implements multitasking by switching the active process on the processor.

At the lowest level, the kernel contains a hardware device driver for each kind of hardware it supports. Sincethe world is full of different kinds of hardware, the number of hardware device drivers is large. There areoften many otherwise similar pieces of hardware that differ in how they are controlled by software. Thesimilarities make it possible to have general classes of drivers that support similar operations; each member ofthe class has the same interface to the rest of the kernel but differs in what it needs to do to implement them.For example, all disk drivers look alike to the rest of the kernel, i.e., they all have operations like `initialize the drive', `read sector N', and `write sector N'.

Some software services provided by the kernel itself have similar properties, and can therefore be abstractedinto classes. For example, the various network protocols have been abstracted into one pr


8/135



ogramminginterface, the BSD socket library. Another example is the virtual filesystem (VFS) layer that abstracts thefilesystem operations away from their implementation. Each filesystem type provides an implementation ofeach filesystem operation. When some entity tries to use a filesystem, the request goes via the VFS, which routes the request to the proper filesystem driver.

A more indepth discussion of kernel internals can be found at http://www.tldp.org/LDP/lki/index.html. Thisdocument was written for the 2.4 kernel. When I find one for the 2.6 kernel, I will listit here.

2.3. Major services in a UNIX system

This section describes some of the more important UNIX services, but without much detail.They are described more thoroughly in later chapters.2.3.1. init

The single most important service in a UNIX system is provided by init init is started as the first process ofevery UNIX system, as the last thing the kernel does when it boots. When init starts, it continues the bootprocess by doing various startup chores (checking and mounting filesystems, starting daemons, etc).

The exact list of things that init does depends on which flavor it is; there are several to choose from. initusually provides the concept ofsingle user mode, in which no one can log in and root uses ashell at theconsole; the usual mode is called multiuser mode. Some flavors generalize this as run levels; single andmultiuser modes are considered to be two run levels, and there can be additional ones as well, for example, to run X on the console.

Linux allows for up to 10 runlevels, 09, but usually only some of these are defined by default. Runlevel 0 is

defined as ``system halt''. Runlevel 1 is defined as ``single user mode''. Runlevel 3 is defined as "multi user"because it is the runlevel that the system boot into under normal day to day conditions. Runlevel 5 is typicallythe same as 3 except that a GUI gets started also. Runlevel 6 is defined as ``system reboot''. Other runlevelsare dependent on how your particular distribution has defined them, and they vary significa


9/135



ntly betweendistributions. Looking at the contents of /etc/inittab usually will give some hint what the predefined runlevels are and what they have been defined as.

In normal operation, init makes sure getty is working (to allow users to log in) and to adopt orphan processes(processes whose parent has died; in UNIX allprocesses mustbe in a single tree, so orphans must be adopted).

When the system is shut down, it is init that is in charge of killing all other processes, unmounting allfilesystems and stopping the processor, along with anything else it has been configured to do.

2.3.2. Logins from terminals

Logins from terminals (via serial lines) and the console (when not running X) are provided by the gettyprogram. init starts a separate instance ofgetty for each terminal upon which logins are tobe allowed. gettyreads the username and runs the loginprogram, which reads the password. If the usernameand password arecorrect, login runs the shell. When the shell terminates, i.e., the user logs out, or when login terminatedbecause the username and password didn't match, init notices this and starts a new instance ofgetty. The kernel has no notion of logins, this is all handled by the system programs.

2.3.3. Syslog

The kernel and many system programs produce error, warning, and other messages. It is often important thatthese messages can be viewed later, even much later, so they should be written to a file. The program doingthis is syslog . It can be configured to sort the messages to different files according to writer or degree ofimportance. For example, kernel messages are often directed to a separate file from the oth

ers, since kernelmessages are often more important and need to be read regularly to spot problems.

Chapter 15 will provide more on this.


10/135



2.3.4. Periodic command execution: cron and at

Both users and system administrators often need to run commands periodically. For example, the systemadministrator might want to run a command to clean the directories with temporary files (/tmp and/var/tmp) from old files, to keep the disks from filling up, since not all programs clean up after themselves correctly.

The cron service is set up to do this. Each user can have a crontab file, where she lists thecommands shewishes to execute and the times they should be executed. The cron daemon takes care ofstarting the commands when specified.

The at service is similar to cron, but it is once only: the command is executed at the given

time, but it is not repeated.

We will go more into this later. See the manual pages cron(1), crontab(1), crontab(5), at(1) and atd(8) for more in depth information.

Chapter 13 will cover this.

2.3.5. Graphical user interface

UNIX and Linux don't incorporate the user interface into the kernel; instead, they let it be implemented byuser level programs. This applies for both text mode and graphical environments.

This arrangement makes the system more flexible, but has the disadvantage that it is simple to implement adifferent user interface for each program, making the system harder to learn.

The graphical environment primarily used with Linux is called the X Window System (X for short). X alsodoes not implement a user interface; it only implements a window system, i.e., tools with which a graphicaluser interface can be implemented. Some popular window managers are: fvwm , icewm , bl

ackbox , andwindowmaker . There are also two popular desktop managers, KDE and Gnome.

2.3.6. Networking

Networking is the act of connecting two or more computers so that they can communicat


11/135



e with each other.The actual methods of connecting and communicating are slightly complicated, but the end result is very useful.

UNIX operating systems have many networking features. Most basic services (filesystems, printing, backups,etc) can be done over the network. This can make system administration easier, since it allows centralizedadministration, while still reaping in the benefits of microcomputing and distributed computing, such as lower costs and better fault tolerance.

However, this book merely glances at networking; see the Linux Network Administrators' Guide

http://www.tldp.org/LDP/nag2/index.html for more information, including a basic description of hownetworks operate.

2.3.7. Network logins

Network logins work a little differently than normal logins. For each person logging in via the network thereis a separate virtual network connection, and there can be any number of these depending on the availablebandwidth. It is therefore not possible to run a separate getty for each possible virtual connection. There arealso several different ways to log in via a network, telnet and ssh being the major ones inTCP/IP networks.

These days many Linux system administrators consider telnet and rlogin to be insecureand prefer ssh, the``secure shell'', which encrypts traffic going over the network, thereby making it far less likely that themalicious can ``sniff'' your connection and gain sensitive data like usernames and passwords. It is highly recommended you use ssh rather than telnet or rlogin.

Network logins have, instead of a herd ofgettys, a single daemon per way of logging in (telnet and ssh haveseparate daemons) that listens for all incoming login attempts. When it notices one, it startsa new instance of

itself to handle that single attempt; the original instance continues to listen for other attempts. The new instance works similarly to getty.

2.3.8. Network file systems

One of the more useful things that can be done with networking services is sharing files via


12/135



a network filesystem. Depending on your network this could be done over the Network File System (NFS),or over theCommon Internet File System (CIFS). NFS is typically a 'UNIX' based service. In Linux, NFSis supported bythe kernel. CIFS however is not. In Linux, CIFS is supported by Samba http://www.samba.org .

With a network file system any file operations done by a program on one machine are sentover the network toanother computer. This fools the program to think that all the files on the other computer are actually on thecomputer the program is running on. This makes information sharing extremely simple, since it requires no modifications to programs.

This will be covered in more detail in Section 5.4.

2.3.9. Mail

Electronic mail is the most popularly used method for communicating via computer. An electronic letter isstored in a file using a special format, and special mail programs are used to send and read the letters.

Each user has an incoming mailbox(a file in the special format), where all new mail is stored. When someonesends mail, the mail program locates the receiver's mailbox and appends the letter to themailbox file. If thereceiver's mailbox is in another machine, the letter is sent to the other machine, which delivers it to the mailbox as it best sees fit.

The mail system consists of many programs. The delivery of mail to local or remote mailboxes is done by oneprogram (the mail transfer agent(MTA) , e.g., sendmail or postfix ), while the programs users use are manyand varied (mail user agent(MUA) , e.g., pine , or evolution . The mailboxes are usually stored in /var/spool/mail until the user's MUA retrieves them.

For more information on setting up and running mail services you can read the Mail Administrator HOWTO at http://www.tldp.org/HOWTO/MailAdministratorHOWTO.html, or visit the sendmail or postfix'swebsite. http://www.sendmail.org/, or http://www.postfix.org/ .


13/135




2.3.10. Printing

Only one person can use a printer at one time, but it is uneconomical not to share printers between users. Theprinter is therefore managed by software that implements a print queue: all print jobs are put into a queue andwhenever the printer is done with one job, the next one is sent to it automatically. This relieves the users fromorganizing the print queue and fighting over control of the printer. Instead, they form a newqueue attheprinter, waiting for their printouts, since no one ever seems to be able to get the queue software to knowexactly when anyone's printout is really finished. This is a great boost to intraoffice social r

elations.

The print queue software also spools the printouts on disk, i.e., the text is kept in a file while the job is in thequeue. This allows an application program to spit out the print jobs quickly to the print queue software; theapplication does not have to wait until the job is actually printed to continue. This is really convenient, since itallows one to print out one version, and not have to wait for it to be printed before one canmake a completely revised new version.

You can refer to the PrintingHOWTO located at http://www.tldp.org/HOWTO/PrintingHOWTO/index.html for more help in setting up printers.

2.3.11. The filesystem layout

The filesystem is divided into many parts; usually along the lines of a root filesystem with /bin , /lib ,/etc , /dev , and a few others; a /usr filesystem with programs and unchanging data; /var filesystemwith changing data (such as log files); and a /home for everyone's personal files. Dependingon the hardware

configuration and the decisions of the system administrator, the division can be different; itcan even be all in one filesystem.

Chapter 3 describes the filesystem layout in some little detail; the Filesystem Hierarchy Standard . covers it insomewhat more detail. This can be found on the web at: http://www.pathname.com/fhs/Chapter 3. Overview of the Directory Tree


14/135



" Two days later, there was Pooh, sitting on his branch, dangling his legs, and there, beside him, were four pots of honey..." (A.A. Milne)

This chapter describes the important parts of a standard Linux directory tree, based on theFilesystemHierarchy Standard . It outlines the normal way of breaking the directory tree into separatefilesystems withdifferent purposes and gives the motivation behind this particular split. Not all Linux distributions follow this standard slavishly, but it is generic enough to give you an overview.

3.1. Background

This chapter is loosely based on the Filesystems Hierarchy Standard(FHS). version 2.1, which attempts to seta standard for how the directory tree in a Linux system is organized. Such a standard has th

e advantage that itwill be easier to write or port software for Linux, and to administer Linux machines, since everything shouldbe in standardized places. There is no authority behind the standard that forces anyone to comply with it, but ithas gained the support of many Linux distributions. It is not a good idea to break with the FHS without verycompelling reasons. The FHS attempts to follow Unix tradition and current trends, making Linux systems familiar to those with experience with other Unix systems, and vice versa.

This chapter is not as detailed as the FHS. A system administrator should also readthe full FHS for a complete understanding.

This chapter does not explain all files in detail. The intention is not to describe every file, but to give anoverview of the system from a filesystem point of view. Further information on each file is available elsewhere in this manual or in the Linux manual pages.

The full directory tree is intended to be breakable into smaller parts, each capable of beingon its own disk orpartition, to accommodate to disk size limits and to ease backup and other system administration tasks. Themajor parts are the root (/ ), /usr , /var , and /home filesystems (see Figure 31). Each p

art has adifferent purpose. The directory tree has been designed so that it works well in a network of Linux machineswhich may share some parts of the filesystems over a readonly device (e.g., a CDROM),or over the network with NFS.


15/135



Figure 31. Parts of a Unix directory tree. Dashed lines indicate partition limits.

The roles of the different parts of the directory tree are described below.

Chapter 3. Overview of the Directory Tree. The root filesystem is specific for each machine (it is generally stored on a local disk, although itcould be a ramdisk or network drive as well) and contains the files that are necessary for booting thesystem up, and to bring it up to such a state that the other filesystems may be mounted. The contentsof the root filesystem will therefore be sufficient for the single user state. It will also containtools for fixing a broken system, and for recovering lost files from backups.. The /usr filesystem contains all commands, libraries, manual pages, and other unchanging files

needed during normal operation. No files in /usr should be specific for any given machine, norshould they be modified during normal use. This allows the files to be shared over the network, whichcan be costeffective since it saves disk space (there can easily be hundreds of megabytes,increasingly multiple gigabytes in /usr). It can make administration easier (only the master/usrneeds to be changed when updating an application, not each machine separately) to have /usr networkmounted. Even if the filesystem is on a local disk, it could be mounted readonly, to lessenthe chance of filesystem corruption during a crash.. The /var filesystem contains files that change, such as spool directories (for mail, news, prin

ters,etc), log files, formatted manual pages, and temporary files. Traditionally everything in /varhas been somewhere below /usr , but that made it impossible to mount /usr readonly.. The /home filesystem contains the users' home directories, i.e., all the real data on the system.Separating home directories to their own directory tree or filesystem makes backups easier;


16/135



the otherparts often do not have to be backed up, or at least not as often as they seldom change. Abig /homemight have to be broken across several filesystems, which requires adding an extra naming

level below /home, for example /home/students and /home/staff.

Although the different parts have been called filesystems above, there is no requirement that they actually beon separate filesystems. They could easily be kept in a single one if the system is a small singleuser systemand the user wants to keep things simple. The directory tree might also be divided into filesystems differently,depending on how large the disks are, and how space is allocated for various purposes. Theimportant part,though, is that all the standard names work; even if, say, /var and /usr are actually on the same partition,the names /usr/lib/libc.a and /var/log/messages must work, for example by moving filesbelow /var into /usr/var, and making /var a symlink to /usr/var.

The Unix filesystem structure groups files according to purpose, i.e., all commands are in one place, all datafiles in another, documentation in a third, and so on. An alternative would be to group files files according tothe program they belong to, i.e., all Emacs files would be in one directory, all TeX in another, and so on. Theproblem with the latter approach is that it makes it difficult to share files (the program directory often contains

both static and sharable and changing and nonsharable files), and sometimes to even findthe files (e.g.,manual pages in a huge number of places, and making the manual page programs find all ofthem is a maintenance nightmare).

3.2. The root filesystem

The root filesystem should generally be small, since it contains very critical files and a small, infrequentlymodified filesystem has a better chance of not getting corrupted. A corrupted root filesys

tem will generallymean that the system becomes unbootable except with special measures (e.g., from a floppy), so you don't want to risk it.

The root directory generally doesn't contain any files, except perhaps on older systems where the standardboot image for the system, usually called /vmlinuz was kept there. (Most distributions ha


17/135



ve moved thosefiles the the /boot directory. Otherwise, all files are kept in subdirectories under the root filesystem:

/bin

Chapter 3. Overview of the Directory TreeCommands needed during bootup that might be used by normal users (probably after bootu

p)./sbin

Like /bin, but the commands are not intended for normal users, although they mayuse them ifnecessary and allowed. /sbin is not usually in the default path of normal users, but

will be in root's default path./etc

Configuration files specific to the machine./root

The home directory for user root. This is usually not accessible to other users on the system/lib

Shared libraries needed by the programs on the root filesystem./lib/modules

Loadable kernel modules, especially those that are needed to boot the system when recovering from disasters (e.g., network and filesystem drivers).

/dev

Device files. These are special files that help the user interface with the various devices on the system.

/tmp

Temporary files. As the name suggests, programs running often store temporary files in here.

/boot

Files used by the bootstrap loader, e.g., LILO or GRUB. Kernel images are often kepthere instead ofin the root directory. If there are many kernel images, the directory can easily grow rather big, and itmight be better to keep it in a separate filesystem. Another reason would be to makesure the kernel


18/135



images are within the first 1024 cylinders of an IDE disk. This 1024 cylinder limit is no longer true inmost cases. With modern BIOSes and later versions of LILO (the LInux LOader) the 1024 cylinderlimit can be passed with logical block addressing (LBA). See the lilo manual page formore details.

/mnt

Mount point for temporary mounts by the system administrator. Programs aren't supposed to mounton /mnt automatically. /mnt might be divided into subdirectories (e.g., /mnt/dosamight be thefloppy drive using an MSDOS filesystem, and /mnt/exta might be the same with an ext2 filesystem).

/proc, /usr, /var, /home

Mount points for the other filesystems. Although /proc does not reside on any diskin reality it is

still mentioned here. See the section about /proc later in the chapter.

3.3. The /etc directory

The /etc maintains a lot of files. Some of them are described below. For others, you shoulddetermine whichprogram they belong to and read the manual page for that program. Many networking configuration files are in /etc as well, and are described in the Networking Administrators' Guide.

/etc/rc or /etc/rc.d or /etc/rc?.d

Scripts or directories of scripts to run at startup or when changing the run level. See Section 2.3.1 forfurther information.

/etc/passwd

The user database, with fields giving the username, real name, home directory, andother information

about each user. The format is documented in the passwd manual page./etc/shadow

/etc/shadow is an encrypted file the holds user passwords.

/etc/fdprm

Chapter 3. Overview of the Directory Tree


19/135



Floppy disk parameter table. Describes what different floppy disk formats look like. Used bysetfdprm . See the setfdprm manual page for more information.

/etc/fstab

Lists the filesystems mounted automatically at startup by the mount a command(in /etc/rc orequivalent startup file). Under Linux, also contains information about swap areas used automaticallyby swapon a . See Section 5.10.7 and the mount manual page for more information. Also fstab usually has its own manual page in section 5.

/etc/group

Similar to /etc/passwd, but describes groups instead of users. See the group manual page in section 5 for more information.

/etc/inittab

Configuration file for init./etc/issue

Output by getty before the login prompt. Usually contains a short description or welcoming message to the system. The contents are up to the system administrator.

/etc/magic

The configuration file for file. Contains the descriptions of various file formats based on which fileguesses the type of the file. See the magic and file manual pages for more information.

/etc/motd

The message of the day, automatically output after a successful login. Contents are up to the systemadministrator. Often used for getting information to every user, such as warnings about planned downtimes.

/etc/mtab

List of currently mounted filesystems. Initially set up by the bootup scripts, and updated automaticallyby the mount command. Used when a list of mounted filesystems is needed, e.g., by the dfcommand.

/etc/login.defs

Configuration file for the login command. The login.defs file usually has a man


20/135



ual page in section 5.

/etc/printcap

Like /etc/termcap/etc/printcap , but intended for printers. However it uses different

syntax. The printcap has a manual page in section 5.

/etc/profile, /etc/bash.rc, /etc/csh.cshrc

Files executed at login or startup time by the Bourne, BASH , or C shells. These allow the systemadministrator to set global defaults for all users. Users can also create individual copies of these intheir home directory to personalize their environment. See the manual pages for therespective shells.

/etc/securetty

Identifies secure terminals, i.e., the terminals from which root is allowed to log in.Typically only thevirtual consoles are listed, so that it becomes impossible (or at least harder) to gainsuperuserprivileges by breaking into a system over a modem or a network. Do not allow rootlogins over anetwork. Prefer to log in as an unprivileged user and use su or sudo to gain root privileges.

/etc/shells

Lists trusted shells. The chsh command allows users to change their login shell onlyto shells listed inthis file. ftpd, is the server process that provides FTP services for a machine, will check that the user'sshell is listed in /etc/shells and will not let people log in unless the shell is listed there.

/etc/termcap

The terminal capability database. Describes by what ``escape sequences'' variousterminals can becontrolled. Programs are written so that instead of directly outputting an escape sequence that only

works on a particular brand of terminal, they look up the correct sequence to dowhatever it is theywant to do in /etc/termcap. As a result most programs work with most kinds of terminals. Seethe termcap, curs_termcap, and terminfo manual pages for more information.

3.4. The /dev directory


21/135



The /dev directory contains the special device files for all the devices. The device files are created duringinstallation, and later with the /dev/MAKEDEV script. The /dev/MAKEDEV.local is a script written by thesystem administrator that creates localonly device files or links (i.e. those that are not part of the standard MAKEDEV, such as device files for some nonstandard device driver).

This list which follows is by no means exhaustive or as detailed as it could be. Many of thesedevice files willneed support compiled into your kernel for the hardware. Read the kernel documentation tofind details of any particular device.

If you think there are other devices which should be included here but aren't then let meknow. I will try to include them in the next revision.

/dev/dsp

Digital Signal Processor. Basically this forms the interface between software whichproduces soundand your soundcard. It is a character device on major node 14 and minor 3.

/dev/fd0

The first floppy drive. If you are lucky enough to have several drives then theywill be numberedsequentially. It is a character device on major node 2 and minor 0.

/dev/fb0

The first framebuffer device. A framebuffer is an abstraction layer between software and graphicshardware. This means that applications do not need to know about what kind of hardware you havebut merely how to communicate with the framebuffer driver's API (Application ProgrammingInterface) which is well defined and standardized. The framebuffer is a characterdevice and is on major node 29 and minor 0.

/dev/hda

/dev/hda is the master IDE drive on the primary IDE controller. /dev/hdb the slave drive on theprimary controller. /dev/hdc , and /dev/hdd are the master and slave devices on thesecondarycontroller respectively. Each disk is divided into partitions. Partitions 14 are primarypartitions and

partitions 5 and above are logical partitions inside extended partitions. Therefore the


22/135


23/135



/dev/md0

First metadisk group. Metadisks are related to RAID (Redundant Array of Independent Disks)devices. Please refer to the most current RAID HOWTO at the LDP for more details.This can be found at http://www.tldp.org/HOWTO/SoftwareRAIDHOWTO.html. Metadisk devices are blockdevices on major node 9 with minor nodes starting at 0and numbered sequentially.

/dev/mixer

This is part of the OSS (Open Sound System) driver. Refer to the OSS documentation athttp://www.opensound.com for more details. It is a character device on major node 14, minor node 0.

/dev/null

The bit bucket. A black hole where you can send data for it never to be seen again.Anything sent to/dev/null will disappear. This can be useful if, for example, you wish to run a command but nothave any feedback appear on the terminal. It is a character device on major node 1and minor node 3.

/dev/psaux

The PS/2 mouse port. This is a character device on major node 10, minor node 1./dev/pda

Parallel port IDE disks. These are named similarly to disks on the internal IDE controllers(/dev/hd*). They are block devices on major node 45. Minor nodes need slightly more explanationhere. The first device is /dev/pda and it is on minor node 0. Partitions on this deviceare found byadding the partition number to the minor number for the device. Each device is limited to 15 partitionseach rather than 63 (the limit for internal IDE disks). /dev/pdb minor nodes start at16, /dev/pdcat 32 and /dev/pdd at 48. So for example the minor node number for /dev/pdc6 wou

ld be 38(32 + 6 = 38). This scheme limits you to 4 parallel disks of 15 partitions each.

/dev/pcd0

Parallel port CD ROM drives. These are numbered from 0 onwards. All are block devices onmajor

node 46. /dev/pcd0 is on minor node 0 with subsequent drives being on minor nodes 1, 2, 3


24/135



etc./dev/pt0

Parallel port tape devices. Tapes do not have partitions so these are just numberedsequentially. Theyare character devices on major node 96. The minor node numbers start from 0 for /dev/pt0, 1 for /dev/pt1, and so on.

/dev/parport0

The raw parallel ports. Most devices which are attached to parallel ports have theirown drivers. Thisis a device to access the port directly. It is a character device on major node 99 with minor node 0.Subsequent devices after the first are numbered sequentially incrementing the minor node.

/dev/random or /dev/urandomThese are kernel random number generators. /dev/random is a nondeterministic generator whichmeans that the value of the next number cannot be guessed from the preceding ones. It uses theentropy of the system hardware to generate numbers. When it has no more entropyto use then it mustwait until it has collected more before it will allow any more numbers to be read from it./dev/urandom works similarly. Initially it also uses the entropy of the system hardware, but whenthere is no more entropy to use it will continue to return numbers using a pseudo random numbergenerating formula. This is considered to be less secure for vital purposes such as cryptographic keypair generation. If security is your overriding concern then use /dev/random, if speed is moreimportant then /dev/urandom works fine. They are character devices on major node1 with minor nodes 8 for /dev/random and 9 for /dev/urandom.

/dev/sda

The first SCSI drive on the first SCSI bus. The following drives are named similar

to IDE drives./dev/sdb is the second SCSI drive, /dev/sdc is the third SCSI drive, and so forth.

/dev/ttyS0

The first serial port. Many times this it the port used to connect an external modem to yoursystem.

/dev/zero


25/135



This is a simple way of getting many 0s. Every time you read from this device it will return 0. Thiscan be useful sometimes, for example when you want a file of fixed length but don'treally care whatit contains. It is a character device on major node 1 and minor node 5.

3.5. The /usr filesystem.

The /usr filesystem is often large, since all programs are installed there. All files in /usr usually comefrom a Linux distribution; locally installed programs and other stuff goes below /usr/local. This makes itpossible to update the system from a new version of the distribution, or even a completely new distribution,

without having to install all programs again. Some of the subdirectories of /usr are listed below (some of theless important directories have been dropped; see the FSSTND for more information).

/usr/X11R6.

The X Window System, all files. To simplify the development and installation of X, the X files havenot been integrated into the rest of the system. There is a directory tree below /usr/X11R6 similar to that below /usr itself.

/usr/bin.

Almost all user commands. Some commands are in /bin or in /usr/local/bin./usr/sbin

System administration commands that are not needed on the root filesystem, e.g., most server programs.

/usr/share/man, /usr/share/info, /usr/share/doc

Manual pages, GNU Info documents, and miscellaneous other documentation files, respectively.

/usr/include

Header files for the C programming language. This should actually be below /usr/lib forconsistency, but the tradition is overwhelmingly in support for this name.

/usr/lib

Unchanging data files for programs and subsystems, including some sitewide configuration files.The name lib comes from library; originally libraries of programming subroutineswere stored in /usr/lib.

/usr/local


26/135



The place for locally installed software and other files. Distributions may not install anything in here.It is reserved solely for the use of the local administrator. This way he can be absolutely certain thatno updates or upgrades to his distribution will overwrite any extra software he has installed locally.

3.6. The /var filesystem

The /var contains data that is changed when the system is running normally. It is specificfor each system, i.e., not shared over the network with other computers.

/var/cache/man

A cache for man pages that are formatted on demand. The source for manual pages is usually storedin /usr/share/man/man?/ (where ? is the manual section. See the manual page forman insection 7); some manual pages might come with a preformatted version, whichmight be stored in

Chapter 3. Overview of the Directory Tree/usr/share/man/cat* . Other manual pages need to be formatted when they are first viewed;

the formatted version is then stored in /var/cache/man so that the next person toview the same page won't have to wait for it to be formatted.

/var/games

Any variable data belonging to games in /usr should be placed here. This is in case/usr is mounted read only.

/var/lib

Files that change while the system is running normally./var/local

Variable data for programs that are installed in /usr/local (i.e., programs that havebeen installedby the system administrator). Note that even locally installed programs should use the other /var directories if they are appropriate, e.g., /var/lock.

/var/lock

Lock files. Many programs follow a convention to create a lock file in /var/lock to ind


27/135



icate thatthey are using a particular device or file. Other programs will notice the lock file andwon't attempt to use the device or file.

/var/log

Log files from various programs, especially login(/var/log/wtmp, which logs all logins andlogouts into the system) and syslog(/var/log/messages, where all kernel and system programmessage are usually stored). Files in /var/log can often grow indefinitely, and mayrequire cleaning at regular intervals.

/var/mail

This is the FHS approved location for user mailbox files. Depending on how far your

distribution hasgone towards FHS compliance, these files may still be held in /var/spool/mail./var/run

Files that contain information about the system that is valid until the system isnext booted. Forexample, /var/run/utmp contains information about people currently logged in.

/var/spool

Directories for news, printer queues, and other queued work. Each different spool has its ownsubdirectory below /var/spool, e.g., the news spool is in /var/spool/news . Note thatsomeinstallations which are not fully compliant with the latest version of the FHS may have user mailboxes under /var/spool/mail.

/var/tmp

Temporary files that are large or that need to exist for a longer time than what is allowed for /tmp .(Although the system administrator might not allow very old files in /var/tmp either.)

3.7. The /proc filesystem

The /proc filesystem contains a illusionary filesystem. It does not exist on a disk. Instead, the kernel createsit in memory. It is used to provide information about the system (originally about processes, hence the name).Some of the more important files and directories are explained below. The /proc filesystem


28/135



is described in more detail in the proc manual page.

/proc/1

A directory with information about process number 1. Each process has a directory below /proc with the name being its process identification number.

/proc/cpuinfo

Information about the processor, such as its type, make, model, and performance./proc/devices

List of device drivers configured into the currently running kernel.

Chapter 3. Overview of the Directory Tree

/proc/dma

Shows which DMA channels are being used at the moment./proc/filesystems

Filesystems configured into the kernel./proc/interrupts

Shows which interrupts are in use, and how many of each there have been./proc/ioports

Which I/O ports are in use at the moment./proc/kcore

An image of the physical memory of the system. This is exactly the same size as your physicalmemory, but does not really take up that much memory; it is generated on the fly as programs accessit. (Remember: unless you copy it elsewhere, nothing under /proc takes up any diskspace at all.)

/proc/kmsg

Messages output by the kernel. These are also routed to syslog.

/proc/ksyms

Symbol table for the kernel./proc/loadavg

The `load average' of the system; three meaningless indicators of how much workthe system has to do at the moment.


29/135



/proc/meminfo

Information about memory usage, both physical and swap./proc/modules

Which kernel modules are loaded at the moment.

/proc/net

Status information about network protocols./proc/self

A symbolic link to the process directory of the program that is looking at /proc. When two

processes look at /proc, they get different links. This is mainly a convenience to make it easier for programs to get at their process directory./proc/stat

Various statistics about the system, such as the number of page faults since the system wasbooted.

/proc/uptime

The time the system has been up./proc/version

The kernel version.

Note that while the above files tend to be easily readable text files, they can sometimes be formatted in a waythat is not easily digestible. There are many commands that do little more than read the above files and formatthem for easier understanding. For example, the freeprogram reads /proc/meminfo converts the amounts given in bytes to kilobytes (and adds a little more information, as well).Chapter 4. Hardware, Devices, and Tools

"Knowledge speaks, but wisdom listens." Jimi Hendrix

This chapter gives an overview of what a device file is, and how to create one. The canonicallist of devicefiles is /usr/src/linux/Documentation/devices.txt if you have the Linux kernel source codeinstalled on your system. The devices listed here are correct as of kernel version 2.6.8.

4.1. Hardware Utilities


30/135



4.1.1. The MAKEDEV Script

Most device files will already be created and will be there ready to use after you install yourLinux system. Ifby some chance you need to create one which is not provided then you should first try to use the MAKEDEVscript. This script is usually located in /dev/MAKEDEV but might also have a copy (or a symbolic link) in/sbin/MAKEDEV. If it turns out not to be in your path then you will need to specify the pathto it explicitly.

In general the command is used as:

This will create the device file /dev/ttyS0 with major node 4 and minor node 64 as a character device with access permissions 0660 with owner root and group dialout.

ttyS0 is a serial port. The major and minor node numbers are numbers understood by the kernel. The kernelrefers to hardware devices as numbers, this would be very difficult for us to remember, sowe use filenames.Access permissions of 0660 means read and write permission for the owner (root in this case) and read andwrite permission for members of the group (dialout in this case) with no access for anyone else.

4.1.2. The mknod command

MAKEDEV is the preferred way of creating device files which are not present. However sometimes theMAKEDEV script will not know about the device file you wish to create. This is where the mknod commandcomes in. In order to use mknod you need to know the major and minor node numbers forthe device youwish to create. The devices.txt file in the kernel source documentation is the canonical source of this information.

To take an example, let us suppose that our version of the MAKEDEV script does not knowhow to create the/dev/ttyS0 device file. We need to use mknod to create it. We know from looking at the devices.txtthat it should be a character device with major number 4 and minor number 64. So we nowknow all we need to create the file.


31/135



As you can see, many more steps are required to create the file. In this example you can see the processrequired however. It is unlikely in the extreme that the ttyS0 file would not be provided by the MAKEDEV script, but it suffices to illustrate the point.

4.1.3. The lspci command

lspci TO BE ADDED

4.1.4. The lsdev command

lsdev TO BE ADDED

4.1.5. The lsusb command

lsusb TO BE ADDED

4.1.6. The lsraid command

lsraid TO BE ADDED

4.1.7. The hdparm command

hdparm TO BE ADDED

4.1.8. More Hardware Resources

More information on what hardware resources the kernel is using can be found in the /procdirectory. Refer to Section 3.7 in chapter 3.

4.2. Kernel Modules

This section will discuss kernel modules. TO BE ADDED4.2.1. lsmod

lsmod TO BE ADDED

4.2.2. insmod


32/135



insmod TO BE ADDED

4.2.3. depmod

depmod TO BE ADDED

4.2.4. rmmod

rmmod TO BE ADDED

4.2.5. modprobe

modprobe TO BE ADDEDChapter 5. Using Disks and Other Storage Media

"On a clear disk you can seek forever. "

When you install or upgrade your system, you need to do a fair amount of work on your disks. You have tomake filesystems on your disks so that files can be stored on them and reserve space for the different parts of your system.

This chapter explains all these initial activities. Usually, once you get your system set up,you won't have togo through the work again, except for using floppies. You'll need to come back to this cha

pter if you add a new disk or want to finetune your disk usage.

The basic tasks in administering disks are:

. Format your disk. This does various things to prepare it for use, such as checking for bad sectors. (Formatting is nowadays not necessary for most hard disks.). Partition a hard disk, if you want to use it for several activities that aren't supposed to interfere withone another. One reason for partitioning is to store different operating systems on the samedisk.

Another reason is to keep user files separate from system files, which simplifies backups and helps protect the system files from corruption.. Make a filesystem (of a suitable type) on each disk or partition. The disk means nothing to Linux until you make a filesystem; then files can be created and accessed on it.. Mount different filesystems to form a single tree structure, either automatically, or manuallyas


33/135



needed. (Manually mounted filesystems usually need to be unmounted manually as well.)

Chapter 6 contains information about virtual memory and disk caching, of which you alsoneed to be awarewhen using disks.

5.1. Two kinds of devices

UNIX, and therefore Linux, recognizes two different kinds of device: randomaccess block devices (such asdisks), and character devices (such as tapes and serial lines) , some of which may be serial,and somerandomaccess. Each supported device is represented in the filesystem as a device file. When you read orwrite a device file, the data comes from or goes to the device it represents. This way no special programs (and

no special application programming methodology, such as catching interrupts or polling a serial port) arenecessary to access devices; for example, to send a file to the printer, one could just say

and the contents of the file are printed (the file must, of course, be in a form that the printer understands).However, since it is not a good idea to have several people cat their files to the printer at the same time, oneusually uses a special program to send the files to be printed (usually lpr ). This program makes sure that onlyone file is being printed at a time, and will automatically send files to the printer as soon asit finishes with theprevious file. Something similar is needed for most devices. In fact, one seldom needs to worry about device files at all.

Since devices show up as files in the filesystem (in the /dev directory), it is easy to see justwhat device filesexist, using ls or another suitable command. In the output ofls l, the first column contains the type of the file

Chapter 5. Using Disks and Other Storage Mediaand its permissions. For example, inspecting a serial device might give


34/135



The first character in the first column, i.e., `c' in crwrwrw above, tells an informed userthe type of thefile, in this case a character device. For ordinary files, the first character is `', for directories it is `d', and for block devices `b'; see the ls man page for further information.

Note that usually all device files exist even though the device itself might be not be installed. So just becauseyou have a file /dev/sda, it doesn't mean that you really do have an SCSI hard disk. Havingall the devicefiles makes the installation programs simpler, and makes it easier to add new hardware (there is no need tofind out the correct parameters for and create the device files for the new device).

5.2. Hard disks

This subsection introduces terminology related to hard disks. If you already know the termsand concepts, you can skip this subsection.

See Figure 51 for a schematic picture of the important parts in a hard disk. A hard disk consists of one ormore circular aluminum platters\ , of which either or both surfaces are coated with a magnetic substance usedfor recording the data. For each surface, there is a readwrite headthat examines or altersthe recorded data.The platters rotate on a common axis; typical rotation speed is 5400 or 7200 rotations perminute, althoughhighperformance hard disks have higher speeds and older disks may have lower speeds.The heads movealong the radius of the platters; this movement combined with the rotation of the platters allows the head to access all parts of the surfaces.

The processor (CPU) and the actual disk communicate through a disk controller. This relieves the rest of thecomputer from knowing how to use the drive, since the controllers for different types of disks can be made touse the same interface towards the rest of the computer. Therefore, the computer can sayjust ``hey disk, giveme what I want'', instead of a long and complex series of electric signals to move the headto the proper

location and waiting for the correct position to come under the head and doing all the otherunpleasant stuffnecessary. (In reality, the interface to the controller is still complex, but much less so thanit would otherwisebe.) The controller may also do other things, such as caching, or automatic bad sector replacement.


35/135



The above is usually all one needs to understand about the hardware. There are also other things, such as themotor that rotates the platters and moves the heads, and the electronics that control theoperation of themechanical parts, but they are mostly not relevant for understanding the working principles of a hard disk.

The surfaces are usually divided into concentric rings, called tracks, and these in turn are divided into sectors.This division is used to specify locations on the hard disk and to allocate disk space to files.To find a givenplace on the hard disk, one might say ``surface 3, track 5, sector 7''. Usually the number ofsectors is the samefor all tracks, but some hard disks put more sectors in outer tracks (all sectors are of the same physical size, so

more of them fit in the longer outer tracks). Typically, a sector will hold 512 bytes of data. The disk itself can't handle smaller amounts of data than one sector.

Figure 51. A schematic picture of a hard disk.

Chapter 5. Using Disks and Other Storage Media


36/135



Each surface is divided into tracks (and sectors) in the same way. This means that when the head for onesurface is on a track, the heads for the other surfaces are also on the corresponding tracks. All thecorresponding tracks taken together are called a cylinder. It takes time to move the headsfrom one track

(cylinder) to another, so by placing the data that is often accessed together (say, a file) sothat it is within onecylinder, it is not necessary to move the heads to read all of it. This improves performance.It is not alwayspossible to place files like this; files that are stored in several places on the disk are calledfragmented.


37/135



The number of surfaces (or heads, which is the same thing), cylinders, and sectors vary a lot; the specificationof the number of each is called the geometryof a hard disk. The geometry is usually storedin a special,batterypowered memory location called the CMOS RAM, from where the operating systemcan fetch it during bootup or driver initialization.

Unfortunately, the BIOS has a design limitation, which makes it impossible to specify a tracknumber that islarger than 1024 in the CMOS RAM, which is too little for a large hard disk. To overcome this, the hard diskcontroller lies about the geometry, and translates the addresses given by the computer intosomething that fitsreality. For example, a hard disk might have 8 heads, 2048 tracks, and 35 sectors per track.Its controller could

lie to the computer and claim that it has 16 heads, 1024 tracks, and 35 sectors per track, thus not exceeding thelimit on tracks, and translates the address that the computer gives it by halving the head number, and doublingthe track number. The mathematics can be more complicated in reality, because the numbers are not as nice ashere (but again, the details are not relevant for understanding the principle). This translation distorts theoperating system's view of how the disk is organized, thus making it impractical to use thealldataononecylinder trick to boost performance.

The translation is only a problem for IDE disks. SCSI disks use a sequential sector number (i.e., the controllertranslates a sequential sector number to a head, cylinder, and sector triplet), and a completely different methodfor the CPU to talk with the controller, so they are insulated from the problem. Note, however, that the computer might not know the real geometry of an SCSI disk either.

Since Linux often will not know the real geometry of a disk, its filesystems don't even try tokeep files withina single cylinder. Instead, it tries to assign sequentially numbered sectors to files, which almost always givessimilar performance. The issue is further complicated by oncontroller caches, and automati

c prefetches done by the controller.

Each hard disk is represented by a separate device file. There can (usually) be only two or four IDE harddisks. These are known as /dev/hda, /dev/hdb, /dev/hdc, and /dev/hdd, respectively. SCSIharddisks are known as /dev/sda, /dev/sdb, and so on. Similar naming conventions exist for oth


38/135



er hard disktypes; see Chapter 4 for more information. Note that the device files for the hard disks giveaccess to theentire disk, with no regard to partitions (which will be discussed below), and it's easy to mess up the partitionsor the data in them if you aren't careful. The disks' device files are usually used only to getaccess to the master boot record (which will also be discussed below).

5.3. Storage Area Networks Draft

A SAN is a dedicated storage network that provides block level access to LUNs. A LUN, orlogical unitnumber, is a virtual disk provided by the SAN. The system administrator the same accessand rights to theLUN as if it were a disk directly attached to it. The administrator can partition, and formatthe disk in any means he or she chooses.

Two networking protocols commonly used in a SAN are fibre channeland iSCSI. A fibre channel network isvery fast and is not burdened by the other network traffic in a company's LAN. However, it'svery expensive.Fibre channel cards cost around $1000.00 USD each. They also require special fibre channelswitches.

iSCSI is a newer technology that sends SCSI commands over a TCP/IP network. While thismethod may notbe as fast as a Fibre Channel network, it does save money by using less expensive networkhardware.

More To Be Added

5.4. Network Attached Storage Draft

A NAS uses your companies existing Ethernet network to allow access to shared disks. This is filesystemlevel access. The system administrator does not have the ability to partition or format the disks since they arepotentially shared by multiple computers. This technology is commonly used to provide multiple workstations access to the same data.

Similar to a SAN, a NAS need to make use of a protocol to allow access to it's disks. With aNAS this is either CIFS/Samba , or NFS.


39/135



Chapter 5. Using Disks and Other Storage MediaTraditionally CIFS was used with Microsoft Windows networks, and NFS was used with UNIX& Linux networks. However, with Samba, Linux machines can also make use of CIFS shares.

Does this mean that your Windows 2003 server or your Linux box are NAS servers becausethey provideaccess to shared drives over your network? Yes, they are. You could also purchase a NAS device from anumber of manufacturers. These devices are specifically designed to provide high speed access to data.

More To Be Added

5.4.1. NFS

TO BE ADDED

5.4.2. CIFS

TO BE ADDED

5.5. Floppies

A floppy disk consists of a flexible membrane covered on one or both sides with similar magnetic substanceas a hard disk. The floppy disk itself doesn't have a readwrite head, that is included in the drive. A floppy

corresponds to one platter in a hard disk, but is removable and one drive can be used to access differentfloppies, and the same floppy can be read by many drives, whereas the hard disk is one indivisible unit.

Like a hard disk, a floppy is divided into tracks and sectors (and the two corresponding tracks on either side ofa floppy form a cylinder), but there are many fewer of them than on a hard disk.

A floppy drive can usually use several different types of disks; for example, a 3.5 inch drive can use both 720

KB and 1.44 MB disks. Since the drive has to operate a bit differently and the operating system must knowhow big the disk is, there are many device files for floppy drives, one per combination of drive and disk type.Therefore, /dev/fd0H1440 is the first floppy drive (fd0), which must be a 3.5 inch drive, using a 3.5 inch,high density disk (H) of size 1440 KB (1440), i.e., a normal 3.5 inch HD floppy.


40/135



The names for floppy drives are complex, however, and Linux therefore has a special floppy device type thatautomatically detects the type of the disk in the drive. It works by trying to read the first sector of a newlyinserted floppy using different floppy types until it finds the correct one. This naturally requires that thefloppy is formatted first. The automatic devices are called /dev/fd0, /dev/fd1, and so on.

The parameters the automatic device uses to access a disk can also be set using the program setfdprm . Thiscan be useful if you need to use disks that do not follow any usual floppy sizes, e.g., if they have an unusualnumber of sectors, or if the autodetecting for some reason fails and the proper device fileis missing.

Linux can handle many nonstandard floppy disk formats in addition to all the standard ones. Some of theserequire using special formatting programs. We'll skip these disk types for now, but in themean time you canexamine the /etc/fdprm file. It specifies the settings that setfdprm recognizes.

The operating system must know when a disk has been changed in a floppy drive, for example, in order toavoid using cached data from the previous disk. Unfortunately, the signal line that is used for this issometimes broken, and worse, this won't always be noticeable when using the drive fromwithin MSDOS. If

Chapter 5. Using Disks and Other Storage Mediayou are experiencing weird problems using floppies, this might be the reason. The only wayto correct it is to repair the floppy drive.

5.6. CDROMs

A CDROM drive uses an optically read, plastic coated disk. The information is recorded onthe surface ofthe disk in small `holes' aligned along a spiral from the center to the edge. The drive direct

s a laser beamalong the spiral to read the disk. When the laser hits a hole, the laser is reflected in one way; when it hitssmooth surface, it is reflected in another way. This makes it easy to code bits, and therefore information. The rest is easy, mere mechanics.

CDROM drives are slow compared to hard disks. Whereas a typical hard disk will have an a


41/135



verage seek timeless than 15 milliseconds, a fast CDROM drive can use tenths of a second for seeks. The actual data transferrate is fairly high at hundreds of kilobytes per second. The slowness means that CDROM drives are not aspleasant to use as hard disks (some Linux distributions provide `live' filesystems on CDROMs, making itunnecessary to copy the files to the hard disk, making installation easier and saving a lot ofhard disk space),although it is still possible. For installing new software, CDROMs are very good, since maximum speed is not essential during installation.

There are several ways to arrange data on a CDROM. The most popular one is specified bythe internationalstandard ISO 9660 . This standard specifies a very minimal filesystem, which is even more c

rude than the oneMSDOS uses. On the other hand, it is so minimal that every operating system should be able to map it to its native system.

For normal UNIX use, the ISO 9660 filesystem is not usable, so an extension to the standard has beendeveloped, called the Rock Ridge extension. Rock Ridge allows longer filenames, symbolic links, and a lot ofother goodies, making a CDROM look more or less like any contemporary UNIX filesystem.Even better, aRock Ridge filesystem is still a valid ISO 9660 filesystem, making it usable by nonUNIX systems as well.Linux supports both ISO 9660 and the Rock Ridge extensions; the extensions are recognized and used automatically.

The filesystem is only half the battle, however. Most CDROMs contain data that requiresa special programto access, and most of these programs do not run under Linux (except, possibly, under dosemu, the Linux MSDOS emulator, or wine, the Windows emulator.

Ironically perhaps, wine actually stands for ``Wine Is Not an Emulator''. Wine, more strictly, is an API(Application Program Interface) replacement. Please see the wine documentation at http:

//www.winehq.com for more information.

There is also VMWare, a commercial product, which emulates an entire x86 machine insoftware. See the VMWare website, http://www.vmware.com for more information.

A CDROM drive is accessed via the corresponding device file. There are several ways toconnect a


42/135



CDROM drive to the computer: via SCSI, via a sound card, or via EIDE. The hardware hacking needed todo this is outside the scope of this book, but the type of connection decides the device file.5.7. Tapes

A tape drive uses a tape, similar to cassettes used for music. A tape is serial in nature, which means that inorder to get to any given part of it, you first have to go through all the parts in between. Adisk can beaccessed randomly, i.e., you can jump directly to any place on the disk. The serial access oftapes makes them slow.

On the other hand, tapes are relatively cheap to make, since they do not need to be fast. They can also easily

be made quite long, and can therefore contain a large amount of data. This makes tapes very suitable forthings like archiving and backups, which do not require large speeds, but benefit from lowcosts and large storage capacities.

5.8. Formatting

Formatting is the process of writing marks on the magnetic media that are used to mark tracks and sectors.Before a disk is formatted, its magnetic surface is a complete mess of magnetic signals. When it is formatted,some order is brought into the chaos by essentially drawing lines where the tracks go, andwhere they aredivided into sectors. The actual details are not quite exactly like this, but that is irrelevant.What is important is that a disk cannot be used unless it has been formatted.

The terminology is a bit confusing here: in MSDOS and MS Windows, the word formattingis used to coveralso the process of creating a filesystem (which will be discussed below). There, the two processes are oftencombined, especially for floppies. When the distinction needs to be made, the real formatting is calledlowlevel formatting, while making the filesystem is called highlevel formatting . In UNIX

circles, the twoare called formatting and making a filesystem, so that's what is used in this book as well.

For IDE and some SCSI disks the formatting is actually done at the factory and doesn't need to be repeated;hence most people rarely need to worry about it. In fact, formatting a hard disk can causeit to work less well,


43/135



for example because a disk might need to be formatted in some very special way to allowautomatic bad sector replacement to work.

Disks that need to be or can be formatted often require a special program anyway, becausethe interface to theformatting logic inside the drive is different from drive to drive. The formatting program isoften either on thecontroller BIOS, or is supplied as an MSDOS program; neither of these can easily be usedfrom within Linux.

During formatting one might encounter bad spots on the disk, called bad blocks or bad sectors. These aresometimes handled by the drive itself, but even then, if more of them develop, something needs to be done toavoid using those parts of the disk. The logic to do this is built into the filesystem; how to a

dd the informationinto the filesystem is described below. Alternatively, one might create a small partition thatcovers just the badpart of the disk; this approach might be a good idea if the bad spot is very large, since filesystems can sometimes have trouble with very large bad areas.

Floppies are formatted with fdformat . The floppy device file to use is given as the parameter. For example,the following command would format a high density, 3.5 inch floppy in the first floppy drive:

Note that if you want to use an autodetecting device (e.g., /dev/fd0), you mustset the parameters of the

It is usually more convenient to choose the correct device file that matches the type of thefloppy. Note that it


44/135



is unwise to format floppies to contain more information than what they are designed for.

fdformatalso validate the floppy, i.e., check it for bad blocks. It will try a bad block severaltimes (you canusually hear this, the drive noise changes dramatically). If the floppy is only marginally bad(due to dirt on theread/write head, some errors are false signals), fdformat won't complain, but a real errorwill abort thevalidation process. The kernel will print log messages for each I/O error it finds; these will go to the consoleor, ifsyslog is being used, to the file /var/log/messages. fdformat itself won't tell where the error is(one usually doesn't care, floppies are cheap enough that a bad one is automatically thrownaway).

The badblocks command can be used to search any disk or partition for bad blocks (including a floppy). Itdoes not format the disk, so it can be used to check even existing filesystems. The examplebelow checks a 3.5

badblocks outputs the block numbers of the bad blocks it finds. Most filesystems can avoid such bad blocks.They maintain a list of known bad blocks, which is initialized when the filesystem is made,and can bemodified later. The initial search for bad blocks can be done by the mkfs command (whichinitializes thefilesystem), but later checks should be done with badblocks and the new blocks should be

added with fsck. We'll describe mkfs and fsck later.

Many modern disks automatically notice bad blocks, and attempt to fix them by using a special, reserved goodblock instead. This is invisible to the operating system. This feature should be documented in the disk'smanual, if you're curious if it is happening. Even such disks can fail, if the number of bad bl


45/135



ocks grows toolarge, although chances are that by then the disk will be so rotten as to be unusable.

5.9. Partitions

A hard disk can be divided into several partitions. Each partition functions as if it were a separate hard disk.The idea is that if you have one hard disk, and want to have, say, two operating systems on it, you can divide

Chapter 5. Using Disks and Other Storage Mediathe disk into two partitions. Each operating system uses its partition as it wishes and doesn't touch the otherones. This way the two operating systems can coexist peacefully on the same hard disk.Without partitions one would have to buy a hard disk for each operating system.

Floppies are not usually partitioned. There is no technical reason against this, but since they're so small,partitions would be useful only very rarely. CDROMs are usually also not partitioned, sinceit's easier to usethem as one big disk, and there is seldom a need to have several operating systems on one.

5.9.1. The MBR, boot sectors and partition table

The information about how a hard disk has been partitioned is stored in its first sector (thatis, the first sector

of the first track on the first disk surface). The first sector is the master boot record(MBR) of the disk; this isthe sector that the BIOS reads in and starts when the machine is first booted. The master boot record containsa small program that reads the partition table, checks which partition is active (that is, marked bootable), andreads the first sector of that partition, the partition's boot sector(the MBR is also a boot sector, but it has aspecial status and therefore a special name). This boot sector contains another small program that reads thefirst part of the operating system stored on that partition (assuming it is bootable), and then starts it.

The partitioning scheme is not built into the hardware, or even into the BIOS. It is only aconvention thatmany operating systems follow. Not all operating systems do follow it, but they are the exceptions. Someoperating systems support partitions, but they occupy one partition on the hard disk, and


46/135



use their internalpartitioning method within that partition. The latter type exists peacefully with other operating systems(including Linux), and does not require any special measures, but an operating system that doesn't supportpartitions cannot coexist on the same disk with any other operating system.

As a safety precaution, it is a good idea to write down the partition table on a piece of paper, so that if it evercorrupts you don't have to lose all your files. (A bad partition table can be fixed with fdisk).The relevant information is given by the fdisk l command:

5.9.2. Extended and logical partitions

The original partitioning scheme for PC hard disks allowed only four partitions. This quicklyturned out to betoo little in real life, partly because some people want more than four operating systems (Linux, MSDOS,OS/2, Minix, FreeBSD, NetBSD, or Windows/NT, to name a few), but primarily because sometimes it is agood idea to have several partitions for one operating system. For example, swap space isusually best put inits own partition for Linux instead of in the main Linux partition for reasons of speed (see below).

Chapter 5. Using Disks and Other Storage MediaTo overcome this design problem, extended partitions were invented. This trick allows partitioning a primarypartition into subpartitions. The primary partition thus subdivided is the extended partition; the


47/135



subpartitions are logical partitions. They behave like primary partitions, but are created differently. There isno speed difference between them. By using an extended partition you can now have up to15 partitions per disk.

The partition structure of a hard disk might look like that in Figure 52. The disk is divided into three primarypartitions, the second of which is divided into two logical partitions. Part ofthe disk is not partitioned at all.The disk as a whole and each primary partition has a boot sector.

Figure 52. A sample hard disk partitioning.

5.9.3. Partition types

The partition tables (the one in the MBR, and the ones for extended partitio

Training Linux Administration Material

Documents

Transcript of Training Linux Administration Material